Case Study: Atrius Health achieves HIPAA compliance and full network visibility with Fortinet FortiNAC

Atrius Health Uses Network Access Control To Identify And Close Security Gaps

Atrius Health, a nonprofit ambulatory healthcare provider serving over 740,000 patients across 36 Massachusetts locations, relied on electronic medical records but lacked a reliable barrier for physical network connections. That gap let unauthorized devices plug into the network, creating data‑loss and HIPAA compliance risks, while decentralized technology purchases and limited visibility made IT support and asset management inefficient.

Atrius deployed Fortinet Network Access Control with persistent agents and device profiling to gain full visibility, enforce access policies, and quickly quarantine or shut down individual ports. The solution uncovered more than a dozen unregistered devices (including unsecured wireless hubs), eliminated duplicate equipment purchases, strengthened HIPAA compliance, sped incident response, and now integrates with Cisco switches with plans for SIEM integration.

Atrius Health

Rob Fountaine

Manager of Information Security